Moving stripe api key to config/run secret.

2026-04-22 12:02:27 -07:00
parent 78398b852c
commit a3c08b49b1
5 changed files with 17 additions and 11 deletions


@@ -69,6 +69,8 @@ all-apps/nassella/lldap_postgres_password: $(apps_config)
bash -c 'source ./$(apps_config); printf "%s\n" "$$NASSELLA_LLDAP_POSTGRES_PASSWORD" > $@'
all-apps/nassella/lldap_admin_password: $(apps_config)
bash -c 'source ./$(apps_config); printf "%s\n" "$$NASSELLA_LLDAP_ADMIN_PASSWORD" > $@'
all-apps/nassella/stripe_api_key: $(apps_config)
bash -c 'source ./$(apps_config); printf "%s\n" "$$NASSELLA_STRIPE_API_KEY" > $@'
all-apps/nassella/authelia-config/configuration.yml: $(apps_config) all-apps/nassella/authelia-config/configuration.yml.tmpl make-nassella-authelia-config.sh
./make-nassella-authelia-config.sh $(apps_config)
all-apps/nassella/lldap-config/lldap_config.toml: $(apps_config) all-apps/nassella/lldap-config/lldap_config.toml.tmpl make-nassella-lldap-config.sh
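Review bot: The new `all-apps/nassella/stripe_api_key` recipe writes a live Stripe key with whatever umask the caller has, so the file will typically end up world-readable on the build host. Setting the mask inside the same shell keeps it owner-only: `bash -c 'umask 077; source ./$(apps_config); printf "%s\n" "$$NASSELLA_STRIPE_API_KEY" > $@'`. Because the compose file mounts this path as a file-based secret, confirm the container user can still read it after tightening the mode. The two password rules shown as context above use the same pattern and would benefit from the same change.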


@@ -21,6 +21,8 @@ secrets:
file: ./nassella/authelia_postgres_user
nassella_lldap_admin_password:
file: ./nassella/lldap_admin_password
nassella_stripe_api_key:
file: ./nassella/stripe_api_key
services:
nassella_lldap_db:
@@ -133,6 +135,7 @@ services:
- nassella_postgres_password
- nassella_postgres_user
- nassella_lldap_admin_password
- nassella_stripe_api_key
networks:
- lb
- nassella_internal


@@ -0,0 +1 @@
api_key
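Review bot: This new one-line file holding the literal `api_key` looks like a placeholder for the Stripe secret, and its path is not shown on this page. If it sits at a path that is later overwritten with the real key (for example by the Makefile rule that writes `all-apps/nassella/stripe_api_key`), a routine `git add` could commit the live key; in that case the path should be listed in `.gitignore` and the placeholder shipped under a different name. If it is only a development stub read in place of the secret, a short comment in the README or compose file saying so would keep someone from pasting a real key into it.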


@@ -39,22 +39,16 @@ COPY db.scm db.scm
COPY nassella.scm nassella.scm
COPY run.scm run.scm
RUN csc -O3 mocks.scm -J
RUN csc -O3 db.scm -J
RUN csc -O3 nassella.scm -J
RUN csc -O3 -o nassella-run run.scm
RUN chmod +x nassella-run
FROM debian:trixie-slim
RUN apt-get update && apt-get -y --no-install-recommends install \
libpq-dev ca-certificates gettext-base \
libpq-dev ca-certificates gettext-base openssh-client \
&& rm -rf /var/lib/apt/lists/*
COPY --from=buildeggs /usr/local/ /usr/local/
WORKDIR /var
COPY --from=buildeggs /var/nassella/mocks /var
COPY --from=buildeggs /var/nassella/db /var
COPY --from=buildeggs /var/nassella/nassella /var
COPY --from=buildeggs /var/nassella/nassella-run /var
COPY nassella-latest.tar nassella-latest.tar
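Review bot: The runtime stage's `apt-get install` line appears to gain `openssh-client`, which the commit title (moving the Stripe key to a secret) does not explain. An SSH client in the final image widens what a compromised process in the container can reach, so the reason should be recorded next to it, e.g. `# openssh-client: required by <reason>`, or the change split into its own commit. The stage begins with `FROM debian:trixie-slim` inside this hunk but continues past its last line, so whether the image later drops root with a `USER` instruction is not visible here.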


@@ -563,7 +563,8 @@ h1, h2, h3, h4, h5, h6 {
'email
(alist-ref
'customer_details
(send-stripe-request endpoint: (string-append "/checkout/sessions/" sid)))))
(send-stripe-request endpoint: (string-append "/checkout/sessions/" sid)
username: (string-trim-right (with-input-from-file "/run/secrets/nassella_stripe_api_key" read-string))))))
(define (create-lldap-user username email)
@@ -1090,7 +1091,9 @@ chmod -R 777 /opt/keys")))
(Field (@ (name "nassella-lldap-subdomain") (label ("LLDAP Subdomain"))
(value ,(alist-ref 'lldap-subdomain (alist-ref 'nassella app-config eq? '()) eq? "lldap"))))
(Field (@ (name "nassella-lldap-admin-password") (label ("Admin Password")) (type "password")
(value ,(alist-ref 'lldap-admin-password (alist-ref 'nassella app-config eq? '()) eq? ""))))))
(value ,(alist-ref 'lldap-admin-password (alist-ref 'nassella app-config eq? '()) eq? ""))))
(Field (@ (name "nassella-stripe-api-key") (label ("Stripe API Key")) (type "password")
(value ,(alist-ref 'stripe-api-key (alist-ref 'nassella app-config eq? '()) eq? ""))))))
'())
(Fieldset
(@ (title "Log Viewer"))
@@ -1160,6 +1163,7 @@ chmod -R 777 /opt/keys")))
(generate-key-seed)))
(lldap-subdomain . ,(alist-ref 'nassella-lldap-subdomain (current-params)))
(lldap-admin-password . ,(alist-ref 'nassella-lldap-admin-password (current-params)))
(stripe-api-key . ,(alist-ref 'nassella-stripe-api-key (current-params)))
(authelia-jwt-secret . ,(or (alist-ref 'authelia-jwt-secret
(alist-ref 'nassella config eq? '()))
(generate-jwt-secret)))
@@ -1357,6 +1361,7 @@ chmod -R 777 /opt/keys")))
("NASSELLA_LLDAP_JWT_SECRET" . ,(alist-ref 'lldap-jwt-secret (alist-ref 'nassella config)))
("NASSELLA_LLDAP_KEY_SEED" . ,(alist-ref 'lldap-key-seed (alist-ref 'nassella config)))
("NASSELLA_LLDAP_ADMIN_PASSWORD" . ,(alist-ref 'lldap-admin-password (alist-ref 'nassella config)))
("NASSELLA_STRIPE_API_KEY" . ,(alist-ref 'stripe-api-key (alist-ref 'nassella config)))
("NASSELLA_AUTHELIA_JWT_SECRET" . ,(alist-ref 'authelia-jwt-secret (alist-ref 'nassella config)))
("NASSELLA_AUTHELIA_KEY_SEED" . ,(alist-ref 'authelia-key-seed (alist-ref 'nassella config)))
("SMTP_HOST" . ,(alist-ref 'smtp-host (alist-ref 'all-apps config)))
@@ -1612,6 +1617,7 @@ chmod -R 777 /opt/keys")))
("NASSELLA_LLDAP_JWT_SECRET" . ,(alist-ref 'lldap-jwt-secret (alist-ref 'nassella config)))
("NASSELLA_LLDAP_KEY_SEED" . ,(alist-ref 'lldap-key-seed (alist-ref 'nassella config)))
("NASSELLA_LLDAP_ADMIN_PASSWORD" . ,(alist-ref 'lldap-admin-password (alist-ref 'nassella config)))
("NASSELLA_STRIPE_API_KEY" . ,(alist-ref 'stripe-api-key (alist-ref 'nassella config)))
("NASSELLA_AUTHELIA_JWT_SECRET" . ,(alist-ref 'authelia-jwt-secret (alist-ref 'nassella config)))
("NASSELLA_AUTHELIA_KEY_SEED" . ,(alist-ref 'authelia-key-seed (alist-ref 'nassella config)))
("SMTP_HOST" . ,(alist-ref 'smtp-host (alist-ref 'all-apps config)))
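Review bot: The new `nassella-stripe-api-key` field fills `value` from the stored config, so the live Stripe key is written into the HTML of the settings page; `(type "password")` only masks it on screen and it remains readable in the page source. Rendering the field empty, `(value "")`, and having the save path at `(stripe-api-key . ,(alist-ref 'nassella-stripe-api-key (current-params)))` keep the previously stored key when the submitted value is empty would avoid echoing the secret back. The `lldap-admin-password` field shown as context does the same thing. Separately, the `with-input-from-file "/run/secrets/nassella_stripe_api_key"` call has no handling for a missing or empty secret file, so a misconfigured deployment would surface as an error inside the checkout lookup rather than at startup. All of these forms belong to definitions that start and end outside the hunks.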